Monday, March 29, 2021

Sidebar Links in Jenkins Job

Hello Everyone! Here I will give some real use cases where the Jenkins integration with Sidebar Links requirement for a Jenkins Project. 

Case 1: Your project might have a complete build strategy defined and it is shared on a Confluence page or common documentation platform. This document need to be linked to the Jenkins Job.

Case 2: Your QA team want to have all the jobs which they want to access on a single page. Even though you have placed all the QA-related jobs into a View. The solution is using Sidebar Link to the View from the Job.

Case 3: A QA team working on two different Product testings where you have the two separate Jobs, but in the Organization the jobs are grown where a listing of all jobs will make difficult to search for the second job. instead of searching for the second job if we have the second job on the first job page then QA team life will be easy. 

How to use Sidebar Links in a Jenkins Job?

Sidebar link can be used for linking following:

  1. Documentation or External URLs
  2. Jenkins Views
  3. Jenkins Jobs

 Add links in the sidebar of the Jenkins main page, view tabs and project pages. 
This simple plugin adds an Additional Sidebar Links section in the main Jenkins configuration page, with settings for link URLs, texts, and icons. 



Step 1 Install the Sidebar Link plugin
Login to Jenkins console, Select Manage Jenkins> Manage Plugins
Click on 'Available Plugins', Filter by searching 'Sidebar' word. Select the check box against it and the 'Install Plugin without restart' button.

Sidebar link plubin installation on Jenkins
Jenkins Plugin manager install plugin - Sidebar Link



Step 2: Goto your target project(new item or existing project) where you need the Sidebar link. in the 'General' tab you can see that 'Sidebar Link'. 

Configure Sidebar Link
Setting Sidebar Links with detailed steps



Select the appropriate icon for your sidebar link, On your $JENKINS_HOME you can find in 'images/24x24' directory that contains many icon files for example you use help.gif, document.gif refresh.gif. Else you can also for a custom icon placed in the JENKINS_HOME/userContent directory.

Sidebar Link icon setup
Sidebar Link - icon setup options

Finally, you will see the sidebar link with the selective icons. When I've clicked on 'DevOps Hunter' Sidebar Links surprise it opened this post Wow!! Wonderful!! this post enables you 'Continous Learning' of Jenkins CI one more interesting step in learners path..


Posted by at No comments:
Labels: , , ,

Sunday, March 14, 2021

Jenkins Manage Assign Roles - Role based Strategy

Here I am finding a solution for the users who belong to QA must have access only to the QA-related jobs. In this post, 

Situation
IT Organizations includes multiple teams such as: QA, Release, Developer and DBA or Middleware Engineers 
Jenkins Master - Container-based
Default all users have the same authorization.

I would like to share how to launch the Jenkins Master on a Docker Container. login with docker playground. As you have provision to Add Node from the left side click it. You will get a terminal to use for 4 hours to play with the Docker engine.

Jenkins Security Realm


 

To run the Jenkins inside docker container

  1. name: Jenkins-master
  2. run in detached mode -d
  3. Port forwarding from container port 8080 to host 8081 and 50000 to 50001
  4. Allocate disk space to run the Jenkins workspace use -v
  5. Docker image from Blue Ocean
Let's launch the Jenkins container using below command:
docker run --name jenkins-master -u root --rm \
 -d -p 8081:8080  -p 50001:50000 \
 -v jenkins-data:/var/jenkins_home \
 -v /var/run/docker.sock:/var/run/docker.sock \
 jenkinsci/blueocean
check Jenkins master logs from the container Jenkins-master 
docker logs jenkins-master
Copy the encrypted InitalAdminPassword to start working on Jenkins
Jenkins runs on Docker

After complete regular steps execution on the Jenkins console installation of Suggested Plugins completed 
Once your Jenkins setup is completed you will see on the browser: Jenkins is ready! Start using Jenkins
to create the default Admin user which we will use for administrating users and managing roles assignment.

Jenkins Admin User
Jenkins Crate First Admin User

Click "save and Continue".

How to create a User in Jenkins?

These users can log into Jenkins. This will be maintained by Jenkins Master 'own user database'.
Let's crate User now, ensure you have login with 'administrator' user 

Navigation steps:
  1. Goto to 'Manage Jenkins'
  2. Select 'Manage Users' 
  3. Select 'Create User'
    1. Enter Username
    2. Enter Password and Confirm Password same
    3. Enter Full name  which will display the name on the top when you log in with this user
    4. In the organizations multi-user Jenkins, to track we must enter the email id
Jenkins User
Create User on Jenkins


Jenkins allows us to create multiple users but they are all set to the global role that means "Anyone can do Anything"  which is not good when you have a lot of users and a lot of projects run in the same Jenkins Security Realm. When the project grows on a large scale we must use 'Role' specific assignment to the users.

How to install 'Role-based Authorization Strategy' plugin?


There is a Jenkins Plugin 'Role Base Strategy' which will allow us to enable the different roles assigned to different team members (users). hence we need to install that plugin. 

Jenkins > Manage Jenkins > Manage Plugin > Available tab filter 'role'.
Select the 'Role-based Authorization Strategy





Enable user authorization using a Role-based strategy. Roles can be defined globally or for particular jobs or nodes selected by regular expressions.

How to configure Global Security for Role-based?

To secure Jenkins we can define who is allowed to access or use the Jenkins Master Configuration from the 'Configure Global Security.  To enable the Role-based Authorization do the following steps:
  • Manage Jenkins 
  • Under the Security section, Select Configure Global Security
  • 'Role-based Autoriaztion' select the radio button 
  • Save the Configuration
Global Configuration Security
Authorization - Role-based Strategy



How to add Global Role in Jenkins?


Navigate to 'Manage Jenkins' then select 'Manage and Assign Roles' from the right pane. 
On the 'Manage Roles's page top, you will see Global roles section, where you will see the admin role as default available with Full access to anything on the Jenkins.Now add the new global role as "devopsAdmin'.
Manage Global Roles

Full Global Role picture

Global Role in Jenkins
Jenkins Manage Global Roles



Now in the Global roles table under 'Overall' choices  'Read' permission. which will enable user to access the Jenkins dashboard. 
On the Global roles table for 'DevopsAdmin' role choose 'View all options.
At the bottom click on 'Apply' button to save and continue.

How to setup Project roles?

On the same page of 'Manage Roles' we can add project-specific roles. Here for test purpose, we are using three roles: 

  1. DBA TEAM - dba
  2. DEVELOPER TEAM - developer
  3. TESTING TEAM - qa


Project roles in Jenkins
Manage roles for Project item

Once all set in the Manage Roles page, go to the 'Assign Roles' option from the 'Manage and Assign Roles' under the Security section.

Assign Global roles for each user

Add the Jenkins users, which were created earlier in our example srini, rajashekhar, melvin are created.
Select the global role which you have created in the Global roles on the 'Manage Roles' page.


After you assign users 'Srini, Melvin, Rajshekhar' the in place of  global roles they automatically turn to dev, dba, qa : 




Similarly, we can assign 'users' - 'Srini, Melvin, Rajsekhar' then the roles for Item (Project-based) as shown below


User adding to Project roles in Jenkins

Finally, we have succeeded in implementing a role-based authorization for the Jenkins system.

Admin full access to all jobs
Jenkins limited access to developer role




Please write your experience with the steps.



.

Posted by at No comments:
Labels: , , , , ,

Saturday, March 6, 2021

Kubernetes Services

 Hello everyone !! In this post, we will discuss the Kubernetes Services, What, and How we can deploy the service on a Kubernetes cluster.

What is Kubernetes Service?

We have Kubernetes services for not to remember the pod IP address, it is more comfortable inter-connecting the pods using service names.

Why we need Kubernetes Services?

We will get to know once we deploy the following different kinds of Kubernetes services on your Kubernetes cluster.

Types of Kubernetes Services

  • NodePort
  • ClusterIP
  • Headless 
  • Loadbalancer
Kubernetes Service types
Kubernetes Service types



NodePort

The node port will be a port enabled on a Node per microservice application. 

Let's have pod defination in myapp.yaml


apiVersion: v1
kind: Pod
metadata:
    name: myapp-pod
    labels:
        app: myapp
spec:
    containers:
        - name: nginx-containers
          image: nginx
Create the myapp pod using the above defination.

Example nodeport.yaml file

apiVersion: v1
kind: Service
metadata:
  name: appservice
spec:
  type : NodePort
  ports:
    - port: 80
      targetPort: 80
      nodePort: 30008
  selector:
    app: myapp

kubectl create -f nodeport.yaml
kubctl get services
kubectl describe service appservice

ClusterIP 

- Headless services such as database services which are needed to be exposed to internal Kubernetes services like web application service.

apiVersion: v1
kind: Service
metadata:
  name: app-service
spec:
  ports:
    - port: 80
      protocol: TCP
  selector:
    app: app-server
apiVersion: apps/v1
kind: Deployment
metadata:
  name: app-server
  labels:
    app: app-server
spec:
  selector:
    matchLabels:
      app: app-server
  template:
    metadata:
      labels:
        app: app-server
    spec:
      containers:
      - name: web-server
        image: nginx
        ports:
        - containerPort: 80

Load balancer

You can configure a LoadBalancer on any of the Cloud provider. GCP, AWS OCI etc. 

Here in the below we will consider the example of LoadBalancer using AWS cloud ELB


apiVersion: v1
kind: Service
metadata:
  name: lb-service
  labels:
    app: lb-service
spec:
  type: NodePort
  ports:
  - port: 80
  selector:
    app: frontend

Now we have the frontend-deployment.yml file as : 
apiVersion: apps/v1
kind: Deployment
metadata:
  name: frontend-deployment
spec:
  replicas: 2
  selector:
    matchLabels:
      app: frontend
  minReadySecond: 30
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxSurge: 1
        maxUnavailable: 0
  template:
    metadata:
      labels:
        app: frontend
    spec:
      containers:
      - name: frontend-container
        image: nginx

Reference:

  1. ExternalName service Stackoverflow Question
Posted by at No comments:
Labels: , , , , , , , ,
Subscribe to: Posts (Atom)

Categories

Kubernetes (24) Docker (20) git (13) Jenkins (12) AWS (7) Jenkins CI (5) Vagrant (5) K8s (4) VirtualBox (4) CentOS7 (3) docker registry (3) docker-ee (3) ucp (3) Jenkins Automation (2) Jenkins Master Slave (2) Jenkins Project (2) containers (2) create deployment (2) docker EE (2) docker private registry (2) dockers (2) dtr (2) kubeadm (2) kubectl (2) kubelet (2) openssl (2) Alert Manager CLI (1) AlertManager (1) Apache Maven (1) Best DevOps interview questions (1) CentOS (1) Container as a Service (1) DevOps Interview Questions (1) Docker 19 CE on Ubuntu 19.04 (1) Docker Tutorial (1) Docker UCP (1) Docker installation on Ubunutu (1) Docker interview questions (1) Docker on PowerShell (1) Docker on Windows (1) Docker version (1) Docker-ee installation on CentOS (1) DockerHub (1) Features of DTR (1) Fedora (1) Freestyle Project (1) Git Install on CentOS (1) Git Install on Oracle Linux (1) Git Install on RHEL (1) Git Source based installation (1) Git line ending setup (1) Git migration (1) Grafana on Windows (1) Install DTR (1) Install Docker on Windows Server (1) Install Maven on CentOS (1) Issues (1) Jenkins CI server on AWS instance (1) Jenkins First Job (1) Jenkins Installation on CentOS7 (1) Jenkins Master (1) Jenkins automatic build (1) Jenkins installation on Ubuntu 18.04 (1) Jenkins integration with GitHub server (1) Jenkins on AWS Ubuntu (1) Kubernetes Cluster provisioning (1) Kubernetes interview questions (1) Kuberntes Installation (1) Maven (1) Maven installation on Unix (1) Operations interview Questions (1) Oracle Linux (1) Personal access tokens on GitHub (1) Problem in Docker (1) Prometheus (1) Prometheus CLI (1) RHEL (1) SCM (1) SCM Poll (1) SRE interview questions (1) Troubleshooting (1) Uninstall Git (1) Uninstall Git on CentOS7 (1) Universal Control Plane (1) Vagrantfile (1) amtool (1) aws IAM Role (1) aws policy (1) caas (1) chef installation (1) create organization on UCP (1) create team on UCP (1) docker CE (1) docker UCP console (1) docker command line (1) docker commands (1) docker community edition (1) docker container (1) docker editions (1) docker enterprise edition (1) docker enterprise edition deep dive (1) docker for windows (1) docker hub (1) docker installation (1) docker node (1) docker releases (1) docker secure registry (1) docker service (1) docker swarm init (1) docker swarm join (1) docker trusted registry (1) elasticBeanStalk (1) global configurations (1) helm installation issue (1) mvn (1) namespaces (1) promtool (1) service creation (1) slack (1)